

<div id="stylized" class="myform">

    <form id="form" name="form" method="post">

        <h1>Sign-up</h1>
        <p id='error_chk'>Please fill in all the information below</p>

        <label>Name
            <span class="small">Add your name</span>
        </label>
        <input type="text" name="name" id="name" onchange="checkName()" onkeydown="loadEmail()" />

        <label>Email
            <span class="small">Add a valid address</span>
        </label>
        <input type="text" name="email" id="email" onchange="checkEmail()" onkeydown="loadEmail()"/>

        <label>Password
            <span class="small">Min. size 6 chars</span>
        </label>
        <input type="password" name="p" id="password" onchange="checkpassword()"/>

        <label>Retype Password
            <span class="small">Min. size 6 chars</span>
        </label>
        <input type="password" name="repassword" id="repassword" onchange="checkRePassword()" onkeyup="button_event()"/>
		<?php
          // Render the CAPTCHA widget inside the form. The returned markup is
          // echoed as-is (unescaped), so it must come only from the CAPTCHA library.
          // NOTE(review): recaptcha_get_html() looks like the legacy reCAPTCHA v1 PHP
          // library, whose API has been retired by Google; confirm which library is
          // loaded and migrate to a currently supported verification flow.
          echo recaptcha_get_html($publickey);
        ?>
        <button type="submit" id='button_submit'>Sign-up</button>
        <div class="spacer"></div>

    </form>
</div>

<?php



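// Sign-up handler: verifies the CAPTCHA, validates the posted fields on the
// server, stores the new account with a prepared statement, and logs the new
// user in by populating the session.
//
// Relies on names defined outside this block: $privatekey, $mysqli, $conn,
// recaptcha_check_answer() and writeLog().
if ($_SERVER['REQUEST_METHOD'] === "POST") {
    // Missing or non-string CAPTCHA fields (e.g. posted as arrays) are passed as
    // empty strings so the check fails cleanly instead of raising notices.
    $challenge = (isset($_POST["recaptcha_challenge_field"]) && is_string($_POST["recaptcha_challenge_field"]))
        ? $_POST["recaptcha_challenge_field"]
        : '';
    $response = (isset($_POST["recaptcha_response_field"]) && is_string($_POST["recaptcha_response_field"]))
        ? $_POST["recaptcha_response_field"]
        : '';

    // NOTE(review): the challenge/response pair looks like the legacy reCAPTCHA v1
    // interface, which Google has retired; confirm the library in use.
    $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $challenge, $response);

    if (!$resp->is_valid) {
        // What happens when the CAPTCHA was entered incorrectly
        die ("The reCAPTCHA wasn't entered correctly.");
    }

    // The onchange/onkeyup checks in the form run in the browser and can be
    // bypassed, so the fields are validated again here.
    $name = isset($_POST['name']) ? $_POST['name'] : null;
    $email = isset($_POST['email']) ? $_POST['email'] : null;
    $password = isset($_POST['p']) ? $_POST['p'] : null;

    if (!is_string($name) || !is_string($email) || !is_string($password)
        || trim($name) === '' || $password === ''
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        die ("Please fill in all fields with valid values.");
    }
    // NOTE(review): the form advertises a 6-character minimum and a retyped
    // password; neither is enforced here because it is not visible whether
    // js/register.js transforms 'p' before submit. Confirm and add both checks.

    // $name is bound as a statement parameter below, so it is NOT passed through
    // mysqli_real_escape_string(): escaping a bound value stores stray backslashes.

    // Create a random salt
    $random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
    // NOTE(review): one pass of salted SHA-512 is fast to brute-force and the salt
    // comes from a non-cryptographic generator. password_hash()/password_verify()
    // should replace this, together with the login code that checks pass + salt.
    $password = hash('sha512', $password.$random_salt);

    $insert_stmt = $mysqli->prepare("INSERT INTO user (name, email, pass, salt) VALUES (?, ?, ?, ?)");
    if (!$insert_stmt) {
        // Keep database details in the server log, not in the response.
        error_log("Sign-up prepare failed: " . $mysqli->error);
        die ("Registration failed. Please try again later.");
    }

    $insert_stmt->bind_param('ssss', $name, $email, $password, $random_salt);
    if (!$insert_stmt->execute()) {
        error_log("Sign-up insert failed: " . $insert_stmt->error);
        $insert_stmt->close();
        die ("Registration failed. Please try again later.");
    }

    // Take the id generated by THIS insert. Selecting the highest id from the
    // table can return another account's row when two sign-ups overlap, which
    // would log this visitor in as that user. Assumes user.id is AUTO_INCREMENT.
    // Cast to string to match what mysqli_fetch_assoc() used to supply.
    $user_id = (string) $insert_stmt->insert_id;
    $insert_stmt->close();

    // Issue a fresh session id before storing identity in the session
    // (session-fixation defence). Skipped when no session is active or the
    // headers are already out, since the new cookie could not be sent.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['iduser'] = $user_id;
    // Allow-list filter: the name may be printed later, so keep only [a-zA-Z0-9_-].
    $username = preg_replace("/[^a-zA-Z0-9_\-]+/", "", $name);
    $_SESSION['uname'] = $username;
    // Tie the login string to the user-agent string of the user.
    $user_browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $_SESSION['login_string'] = hash('sha512', $password.$user_browser);

    writeLog($conn, $user_id, "Sign - Up");

    // Reached only after a successful insert.
    // NOTE(review): the form markup and this <script> are emitted before header(),
    // so the redirect only takes effect when output buffering is enabled. Moving
    // this handler above the markup would make the redirect reliable.
    echo '<script>alert("User create success!");</script>';
    header("Location: ./");
}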
?>

<script type="text/javascript" src="js/register.js">

</script>
